platform modeling and allocation
TRANSCRIPT
![Page 1: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/1.jpg)
Budapest University of Technology and EconomicsDepartment of Measurement and Information Systems
Platform modeling and allocation
Systems Engineering BSc Course
![Page 2: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/2.jpg)
Trac
eab
ility
Ver
ific
atio
nan
d V
alid
atio
n
Platform-based systems design
Functionalmodel
Platform model
Architecturemodel
Config. modelComponent
behav. model
Source code Config. file
Binary code
CompilerLinker
HW/SW allocation
code generationcode generation
HW library
Requirements
Fault tolerance& safety
![Page 3: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/3.jpg)
Learning Objectives
Platform models
Addressing non-functional requirements in the platform modelAddressing constraints coming from the runtime platform like computation and communication resources
Allocation
Understanding the concept of allocationIdentify the basic design decisions made during allocation (resource allocation., scheduling, communication allocation)
Case studies
• See examples of allocation information from different domains
• Analyze extra-functional properties of the integrated allocation model
![Page 4: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/4.jpg)
Why platform models are needed
![Page 5: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/5.jpg)
Runtime platform
▪ Systems provide functions
▪ Functions are defined using
o Functional models
o Component behavior models
▪ How to realize these functions?
5
![Page 6: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/6.jpg)
Runtime platform
▪ Systems provide functions
▪ Functions are defined using
o Functional models
o Component behavior models
▪ How to realize these functions? → in Software!
6
![Page 7: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/7.jpg)
Runtime platform
▪ Systems provide functions
▪ Functions are defined using
o Functional models
o Component behavior models
▪ How to realize these functions? → in Software!
oMaybe in hardware? (e.g., sensors, GPU, FPGA, etc.)
o What will execute our software functions?
o How will they be able to communicate
7
![Page 8: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/8.jpg)
Platform model
▪ The platform model specifies the physical building blocks of the execution platform
o the execution resources
• memory, CPU, etc.
o the available communication resources
• Network interfaces, routers, etc.
o the properties of the used HW elements
• Weight
• Availability
• Size
• etc.
8
![Page 9: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/9.jpg)
Defining the platform model I.
▪ Resource capturing phase
o Specification of reusable hardware entities
• Coming from HW libraries/technical dictionaries
• Defined by HW designers within the project
→atomic hardware units of the execution platform– Embedded systems: Processor, Communication controller
– Define hardware properties
9
![Page 10: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/10.jpg)
Defining the platform model II.
▪ Platform composition phase
o (Already available HW design → only modifications)
o Definition from bottom-up based on the atomic building blocks
▪ Similar modeling task as the functional component definition BUT
o Connecting blocks == physical linkage
o Part-whole relationship == physical containment
o Physical HW properties are needed to be taken into consideration
• Size, weight, number of ports, etc.
10
![Page 11: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/11.jpg)
Defining the platform model II.
11
Frequently a bottom-up processusing libraries / catalogues
![Page 12: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/12.jpg)
Functions to Platform allocation
Usually HW-SW allocation
![Page 13: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/13.jpg)
Allocation example
Aft Zone
ForwardZone
Flight DeckAir
Conditioning panel
System Display
Zone Controller
Pack Controller
Pack
Pack
Pack Controller
PackController
ZoneController
Functions
System
Display
AirCond
Panel
Supply fresh air
Supply hot air
Monitor temperature
Settemperature
![Page 14: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/14.jpg)
FederatedRTOS
Allocation example – functions to partitions
PackController
ZoneController
Aft Zone
ForwardZone
Flight DeckAir
Conditioning panel
System Display
Zone Controller
Pack Controller
Pack
Pack
Pack Controller
Functions
System
Display
AirCond
Panel
1
5
3
6
Partitions
ARINC 653RTOS
Constraints
Only one function per partition
2
4
![Page 15: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/15.jpg)
FederatedRTOS
Allocation example – functions to partitions
PackController
ZoneController
Aft Zone
ForwardZone
Flight DeckAir
Conditioning panel
System Display
Zone Controller
Pack Controller
Pack
Pack
Pack Controller
SW functions
System
Display
AirCond
Panel
1
5
3
6
Partitions
ARINC 653RTOS
Constraints
2
4
Modify HW architecturefor more resources
2
2
![Page 16: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/16.jpg)
Allocation example – communication channels
SW functionality
1
2
6
4
3
5
HW Communicationchannels
Aft Zone
ForwardZone
Flight DeckAir
Conditioning panel
System Display
Zone Controller
Pack Controller
Pack
Pack
Pack Controller
PackController
ZoneController
System
Display
AirCond
Panel
AFDX
ARINC 429
ARINC 653 ports
One possible candidate is
selected
2
2
![Page 17: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/17.jpg)
Allocation
▪ Input:o Functional model + platform model
o Additional non-functional constraints
▪ Output:o System Architecture
▪ The System Architecture defines for each instance of a Functionowhere and when to execute
o when to communicate
o and on which bus
17
![Page 18: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/18.jpg)
Where and when to execute
▪ Platform (HW)
o Available memory
o CPU performance
o Redundancy
▪ Functional (SW)
o Memory required
o Execution window required
o Safety aspects• E.g., criticality levels
18
▪ Allocate the functions to their designated execution resource
o Processor, GPU, server, node, etc.
▪ Schedule the execution of functions
o Based on their required execution window
• Major driver of the allocation process
▪ Constraints (usually) taken into consideration
![Page 19: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/19.jpg)
When to communicate and on which bus▪ Allocate Function model level communication means to
platform communication resourceso Information flow to bus mappingo Data/message mapping to platform representationo Scheduling
• Messages, buses, routers• Major driver of the allocation process
o Constraints (usually) taken into consideration
19
▪ Platform (HW)o Connectivity
• comm. architecture• Routing• Supported modes
o Bandwidth & Speedo Precision
• Data mapping
o Redundancy• Independent paths
▪ Functional (SW)o Message properties
• size
• priority
o Communication mode
• 1-1, 1-n, n-n
o Safety aspects
• WCET
![Page 20: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/20.jpg)
Additional aspects of the allocation
▪ Multi-level allocationo Complexity is handled on multiple abstraction-levels→
allocation is handled between all hierarchies
▪ Resulting System Architectures are used for validating system level functional/non-functional aspectso Timing requirements, safety requirements, etc.
o Used methods: Static checks, simulations, HiL, etc.
▪ No perfect allocation →Multi-dimensionaloptimization problemo Design Space Exploration
20
![Page 21: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/21.jpg)
Extra-functional properties
![Page 22: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/22.jpg)
System properties
▪ Functional requirements →Functional properties: functions that the system is able to perform
o including how the system behaves while operating –also called operational properties.
▪ Extra-functional requirements →Extra-functional properties:
o no bearing on the functionality of the system
o describing instead attributes, constraints, metrics…
o …regarding performance, design, quality of service, environmental impact, failure and recovery, etc.
22
![Page 23: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/23.jpg)
Approach
23
Functional model
Additional information, configuration
Integrated model; ready for validation
Validation of functional requirements
Validation of extra-functional requirements
![Page 24: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/24.jpg)
Example extra-functional properties
▪ Dependability: the ability to deliver service that can justifiably be trusted.
▪ Attributes of dependability:o availability: readiness for correct service.
o reliability: continuity of correct service.
o safety: absence of catastrophic consequences on the user(s) and the environment.
o integrity: absence of improper system alterations.
o maintainability: ability to undergo modifications and repairs
▪ Performability: performance regardless of thepresence of faults.
24
![Page 25: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/25.jpg)
Example: dependability analysis taxonomy
25
Modeling
Simulation
Analytical solution
Static methods
State space-based methods
Reliability block diagram
Fault tree
Markov chains
Stochastic Petri nets
……
![Page 26: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/26.jpg)
Modeling platform in SysML
![Page 27: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/27.jpg)
Platform modeling techniques
▪ Running platform is composed of existing (hardware) elements
▪ Approach: bottom-up using composition
☺ Subsystems can be tested one-by-one
☺ There are always some working parts during development
Exact roles of the subsystems are revealed late
System
Subsystems
Subsytems of subsystems
27
![Page 28: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/28.jpg)
Platform models in SysML
▪ Models composed of blocks → BDD, IBD are used.
28
Role multiplicityis set to 1
![Page 29: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/29.jpg)
Modeling allocation in SysML
![Page 30: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/30.jpg)
Allocation example: railway system
▪ Functional structure
▪ Platform structure
30
![Page 31: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/31.jpg)
Allocation example: railway system
▪ Functional structure
▪ Platform structure
31
![Page 32: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/32.jpg)
Allocation example: railway system
▪ Functional structure
▪ Platform structure
32
![Page 33: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/33.jpg)
Allocation example: railway system
▪ Functional structure
▪ Platform structure
33
![Page 34: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/34.jpg)
The allocation relation in SysML
▪ Structural allocation: usage
34
Specifies logical tophysical allocation
Fun
ction
sP
latform
![Page 35: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/35.jpg)
The allocation relation in SysML
▪ Structural allocation: definition
o Wherever a BBB is used in the system, a zone monitorand an accident prevention subsystem is assumed to be allocated to it
35
Fun
ction
sP
latform
![Page 36: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/36.jpg)
The allocation relation in SysML
▪ Functional allocation: definition
o A zone actuator behaves as it is described in the allocated statemachine.
36
Functional model
Platform model
Architecture model
Component behav. model
HW/SW allocation
HW library
Fault tolerance & safety
![Page 37: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/37.jpg)
SysML allocation matrix
37
Columns: functional elements
Rows: platform elements
![Page 38: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/38.jpg)
SysML allocation matrix
38
Arrow pointing downward: function to platform allocation
(colum to row)
![Page 39: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/39.jpg)
SysML allocation matrix
39
Multiple platform elements runthe instances of the function
![Page 40: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/40.jpg)
SysML allocation matrix
40
A logical connection is allocated to multiple elements in the platform
![Page 41: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/41.jpg)
SysML allocation matrix
41
A logical connection is allocated to multiple elements in the platform
![Page 42: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/42.jpg)
Allocation constraints
▪ Platform element capabilities
o What kind of resources does the platform element have?
▪ Realization of connections
o Are the connections between the functions supported by the platform?
▪ Standards and additional well-formedness rules
o Such as „critical and non-critical functions shall not run on the same platform element”.
42
![Page 43: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/43.jpg)
Advantages of allocation matrices
▪ A function cannot be deployed to the same device twice.
▪ Allocation of the logical connections can be validated by examining endpoints and continuity of the corresponding platform connection.
▪ By examining the safety levels of the allocated functions row by row, critical and non-critical functions cannot be allocated to the same device.
43
![Page 44: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/44.jpg)
Best practices / Goals
▪ Avoid single point of failures
▪ Fault tolerant design patterns
o See lecture on Safety-critical systems: Architecture
▪ Cost efficiency
oWeight
o Price
44
![Page 45: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/45.jpg)
Case study
Analysis of extra-functional properties of a service
![Page 46: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/46.jpg)
Validation of service configurations
▪ Performability analysis
o „Performability = Performance + Reliability”
▪ What happens in case of a failure?
o E.g. the middleware responsible for reliable messaging resends the lost message → the guaranteed response time may increase (e.g. too low timeout → several false resends).
▪ What is the price of reliability? (performance-reliability tradeoff)
▪ How to set SLA parameters?
46
![Page 47: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/47.jpg)
What do we model from all of this?
▪ Abstract behavior
o Server
o Client
▪ Message handling parameters (derived)
o Method for handling messages
o Number of resends
o Parameters of send, resend, ack
• (exponential distribution)
47
![Page 48: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/48.jpg)
▪ Describes the platform
▪ Its parameters are included in the configuration model
Server
ServerIdle
Processing
?send
?resend
!ack
Client
ClientIdle
Sent1x
Fail1x
Sent2x Sent3x
Fail2x Failure
Success
!send !resend !resend
timeout timeout timeout
reset
?ack ?ack ?ack
!ack
Middleware model
send
resend
ack
48
![Page 49: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/49.jpg)
Analysis results: utilization
Analysis in steady-state
How much time does error handling take?
Success
Failure
MsgSent1
MsgSent3
MsgSent2
Fail1
ClientIdle
Fail2
~23%
49
![Page 50: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/50.jpg)
Sensitivity analysis results
Sensitivity analysis: what to change?
Probability of system level failures with respect to timing parameters of „resend”?
An increase in the number of successful ACK messages significantly lowers the number of failures
50
![Page 51: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/51.jpg)
Case study
Schedule execution on a distributed platform
![Page 52: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/52.jpg)
Scheduling
▪ Platform model: computation nodes and communication channels between them.
▪ Algorithm model: data-flow graph with operations as vertices and data-dependencies as edges.
▪ Challenge: schedule operations on the computation nodes for execution
o Network communication takes time
o Local results can be accessed instantly
52
![Page 53: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/53.jpg)
PlatformDataflow/ALG
Example [A. Girault]
I OA
B
C
D
E
F
G
P1 P2
P3
L13
L12
L23
WCET I A B C D E F G O
P1 10 20 30 20 30 10 20 14 14
P2 13 15 10 30 17 12 25 10 X
P3 X 10 15 10 30 20 10 15 18
Src/Trg P1 P2 P3
P1 0 15 10
P2 15 0 20
P3 10 20 0
1) Create schedule (when and where to run what?)2) Create fault-tolerant (FT) schedule if at most 1 proc may fail
![Page 54: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/54.jpg)
Naive solution (no FT)P1 L12 P2 L23 P3 L13
Start End Start End Start End Start End Start End Start End
I 0 10
A 10 30 30 45
B 30 60
C 60 80
D 45 62
E 74 89 62 74
F 80 100
G 100 114
O 114 128
P1 P2
P3L13
L12
L23
I A B C F G O D E
A D
EG
![Page 55: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/55.jpg)
P1
I A C
FT Allocation and ScheduleP1 L12 P2 L23 P3 L13
Start End Start End Start End Start End Start End Start End
I 0 10
A 10 30 30 45
B 30 60
C 60 80
D 45 62
E 74 89 62 74
F 80 100
G 100 114
O 114 128
P1 L12 P2 L23 P3 L13
Start End Start End Start End Start End Start End Start End
I 0 10 0 13
A 10 30 13 28 30 40
B 38 53 28 38 40 55
C 30 50 55 65
D 50 80 38 55 55 75
E 67 82 55 67 65 85
F 80 100 85 95
G 100 114 95 110
O 114 128 110 128
P2
P3L13
L12
L23
EG BFD F G O
B C E F G O
DG
AB
A C E F G
C
![Page 56: Platform modeling and allocation](https://reader033.vdocuments.mx/reader033/viewer/2022060400/6294ccea46dc0a47394b23dc/html5/thumbnails/56.jpg)
Summary